It amazes me how often this seems to happen – and how easy it should be to fix.

The first answer is, obviously, train people.

But after that, it’s about defending against laziness and stupidity. But even that’s pretty easy.

All it really needs is a block on recipients in CC. If you’re sending an email and it’s got more than (say) 10 addresses in the CC field, it simply asks if you’re sure you want to send it with those people in CC rather than BCC. That’s an email-client thing – but is easy to do.

It can’t be that difficult – my own email clients all already ask if I want to send an email with no attachments if the message contains keywords like ‘attached’ or ‘CV’, after all.

A similar thing could be done on the mail-server as well – put in a rule that if there’s more than [defined limit] of addresses in the CC, it doesn’t send without an authorisation, an acknowledgement that this is OK.

There will still be the odd blithering fucktrumpet who manages to send out a whole mailing-list in CC (or even To) – but at least make it harder for them to do so.